The EPPO’s “Emily” operation against an alleged multimillion-euro VAT carousel in the luxury car sector illustrates how quickly cross-border trade can slide from aggressive tax planning into full-blown criminal exposure – and how asset confiscation has become at least as dangerous as the threat of a prison sentence.
Cannabis for personal use is no longer treated as a “classic” narcotic under German law – but that does not mean it is harmless from a criminal law perspective. The new Cannabis Use Act (Konsumcannabisgesetz, KCanG) still creates a dense web of offences, and recent case law by the Federal Court of Justice (BGH), higher regional courts and the Bavarian Supreme Court (BayObLG) shows that criminal investigations, seizures and prison sentences remain very real risks for consumers, home growers and those involved in the commercial market.
Germany has closed a long‑criticised loophole by bringing nitrous oxide (“laughing gas”, N₂O), gamma‑butyrolactone (GBL) and 1,4‑butanediol (BDO) under its New Psychoactive Substances Act (Neue‑psychoaktive‑Stoffe‑Gesetz – NpSG). The amending act was promulgated on 12 January 2026 and will enter into force on 12 April 2026. The reform responds to rising recreational use of nitrous oxide and the misuse of GBL/BDO as so‑called “date‑rape drugs”, while trying to preserve recognised industrial, commercial and medical uses.
For companies that manufacture, trade or transport these substances into, within or through Germany, the new regime creates a complex mix of prohibitions, exemptions and criminal liability that requires careful compliance planning.
Smuggling of migrants is no longer a marginal offence at the external borders of the EU, but a daily reality in inner-European border regions as well. In the German–Belgian–Dutch triangle around Aachen, investigations into alleged “smugglers” range from low‑level drivers who transport people for small sums to actors accused of involvement in structured international networks. For those affected, the stakes are high: prison sentences of several years, extensive asset seizures and, in cases with fatalities, even life imprisonment.
German criminal law addresses smuggling of migrants primarily through sections 96 and 97 of the Residence Act (AufenthG). These provisions have been tightened significantly in recent years, most notably by the “Act to Improve Return” in 2024. At the same time, case law of the Federal Court of Justice (BGH) and European law – including the Return Directive and recent decisions of the Court of Justice of the European Union – shape the limits and scope of criminal liability. Anyone facing such accusations needs a defence that understands both the dogmatic fine print and the realities of cross‑border enforcement practice.
Germany’s Federal Office of Justice sought to impose a total of 5.125 million euros on Telegram – and ultimately ran aground before the Local Court of Bonn on what sounds like a simple question: which legal entity actually operates the service. At its core, the case is not about sympathy or antipathy towards a particular messaging service, but about precise definitions of “provider”, robust evidence and the limits to how far authorities may stretch concepts of responsibility.
For senior management in internationally active digital businesses, the decisions are noteworthy for two reasons. First, they make clear that fine exposure is not managed solely through process‑level compliance programmes, but starts much earlier with the basic allocation of roles within the group and the way those roles are communicated externally. Second, the court underlines that regulatory strategies are constrained by rule‑of‑law principles such as the requirement of legal certainty – even where the political pressure to “do something” about hate speech and platform regulation is high.
A state theatre in southern Germany, an internationally operating ransomware ring and a criminal trial in which courts suddenly have to dissect covert ransom negotiations, darknet chats and opaque payment flows – it all sounds more like a screenplay than a day in a regional courtroom.
What makes this case so compelling is that it forces a public institution to explain, under oath, how it managed to stay operational under acute digital extortion, and it exposes the practical roles that specialised cybercrime prosecutors, external IT contractors and potential ransom payments actually play. In doing so, the proceedings open a rare window onto a market that normally operates in the shadows and turn into a case study of how tightly technical, legal and political questions are intertwined whenever ransomware hits.
The third wave of Chinese corporate expansion into Europe carries a different character than its predecessors. Where earlier generations of Chinese firms focused on cheap manufacturing exports or aggressive M&A shopping sprees, today’s expansion follows a more sophisticated playbook. Companies like BYD, Luckin Coffee, and Urban Revivo are establishing physical retail presence, building local factories, and hiring European staff at unprecedented scales. Yet this deeper integration brings Chinese firms face-to-face with regulatory frameworks and workplace cultures that can catch even the most well-capitalized companies off guard.
The numbers tell the story of sustained commitment despite mounting headwinds. Chinese companies operating in Germany reported in 2025 that 43 percent expect revenue growth and 41 percent plan to expand their workforce, with over half using Germany as their European headquarters. More than 20 percent are shifting strategic focus from the United States to the European Union in response to geopolitical pressures. With 264 German companies already under Chinese ownership and investment flowing into automotive, machinery, and electronics sectors, the stakes for getting market entry right have never been higher.
Yet the same survey reveals that 81 percent of Chinese firms report heightened uncertainty and 67 percent cite strong anti-China sentiment as detrimental to their operations. This tension between opportunity and obstacle defines the contemporary experience of Chinese companies in Europe, where legal compliance requirements and cultural expectations diverge sharply from those in China.
European product liability law is being quietly but fundamentally rewritten. Software, AI systems and open source components move from the periphery into the legal core of what counts as a “product”, while cyber security and lifecycle management become part of the defect analysis. For management and engineering teams this means that software composition, open source usage and SBOM can no longer be treated as purely technical housekeeping; they are now part of the liability model.
This article outlines the key elements of the new regime, explains how software, AI and open source are treated, and shows why SBOM and the Cyber Resilience Act (CRA) will be central in practice.
Categories
Shutdown of Cryptomixer.io
From November 24 to 28, 2025, German and Swiss law enforcement authorities, supported by Europol and Eurojust, conducted a large-scale operation against the cryptocurrency mixing service Cryptomixer.io. Three servers in Switzerland were seized, the domain was blocked, and cryptocurrencies worth approximately 25 million euros were confiscated. Additionally, more than 12 terabytes of data were secured by investigators. Since its launch in 2016, Cryptomixer.io had been one of the largest Bitcoin mixers, anonymizing transactions by pooling coins from various users and redistributing them in smaller amounts to new addresses. This method disrupts the transaction chain and complicates traceability—a service primarily used in the underground economy and for obfuscating illicit financial flows.
The platform was accessible both on the clear web and the darknet, processing billions in transactions, many of which were linked to illegal activities such as ransomware attacks, drug and arms trafficking, or fraud. After the seizure, authorities placed a notice on the website warning that anyone using the service could face investigation. Whether this warning applies universally or requires nuanced consideration is a key question for those affected.
The German Act on the Protection of Participants in Distance Learning (Fernunterrichtsschutzgesetz, or FernUSG) was enacted to safeguard consumers in distance education contracts, granting them essential rights such as a statutory right of withdrawal. Historically, the law targeted structured, curriculum-based courses delivered remotely, ensuring participants received the quality and transparency they were promised. However, the rapid expansion of online coaching, webinars, and digital training programs has exposed gaps in the legislation, leaving both providers and consumers in a state of legal uncertainty.
For international businesses operating in Germany, understanding the FernUSG is critical. The law’s core principle – protecting consumers from misleading or substandard educational services – remains relevant, but its application to modern digital formats is increasingly contentious. The challenge lies in defining what constitutes “distance learning” in an era where education is no longer confined to traditional classrooms or rigid curricula.